JYso is a tool that can be used as both ysoserial and JNDIExploit. It also has bypass functions of multiple JNDI…
Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also…
We delve into CVE-2024-38077, a critical security vulnerability identified in Windows Server 2025. This flaw, if exploited, could allow unauthorized…
TrickDump dumps the lsass process without creating a Minidump file, generating instead 3 JSON and 1 ZIP file with the…
DriverJack is a tool designed to load a vulnerable driver by abusing lesser-known NTFS techniques. These method bypass the registration of…
SCCM distribution points (DPs) are the servers used by Microsoft SCCM to host all the files used in software installs,…
Metasploit is a powerful and widely used framework for penetration testing and exploitation. It provides security professionals with tools to…
This is a cheatsheet of tools and commands that I use to pentest Active Directory. It includes Windows, Impacket and…
To contribute your work to the project you need to create a pull request on the Github where it is…
To add an exploit one has to go through a similar process as with the hardware profile, but in the…